funsec mailing list archives
Cryptome: Server Comms Reporting for Research Effort gov.pk
From: Juha-Matti Laurio <juha-matti.laurio () netti fi>
Date: Thu, 6 Dec 2007 00:00:01 +0200 (EET)
It is not know if this information was collected with scripts or manually via Netcraft-type databases. Example data: --clip-- www.academy.gov.pk 67.18.34.220 SERVER IP: 67.18.34.220 PORT/PROTOCOL: 80/tcp TYPE: NOTE - A web server is running on this port : Server: Microsoft-IIS/6.0 - The remote host is running a Microsoft IIS webserver SERVER IP: 67.18.34.220 PORT/PROTOCOL: 80/tcp TYPE: REPORT Synopsis : The remote host is vulnerable to multiple attack vectors The remote host is running PHP less than 5.2.0. This version is vulnerable to around 180 bugs. An attacker, exploiting these flaws, would be able to impact Confidentiality, Integrity, and Availability. CVSS Base Score : 7.5 CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P Solution : Upgrade to PHP 4.4.5, 5.2.1 or newer See also : http://www.php.net/ChangeLog-5.php#5.2.1 CVE :.... --clip-- Link: http://cryptome.org/gov-pk.htm - Juha-Matti _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Cryptome: Server Comms Reporting for Research Effort gov.pk Juha-Matti Laurio (Dec 05)
- Re: Cryptome: Server Comms Reporting for Research Effort gov.pk Dude VanWinkle (Dec 05)
- Re: Cryptome: Server Comms Reporting for Research Effort gov.pk George A. Theall (Dec 06)
- Re: Cryptome: Server Comms Reporting for Research Effort gov.pk Eduardo Tongson (Dec 06)
- Re: Cryptome: Server Comms Reporting for Research Effort gov.pk George A. Theall (Dec 06)
- Re: Cryptome: Server Comms Reporting for Research Effort gov.pk Dude VanWinkle (Dec 05)